Mercurial > gnulib

changeset 18302:93ffcec1bbd4

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
xstrtol: prohibit monstrosities like "1bB" Problem reported by Young Mo Kang in: http://bugs.gnu.org/23388 * lib/xstrtol.c (__xstrtol): Allow trailing second suffixes like "B" only if the first suffix needs a base. * tests/test-xstrtol.sh: Test this.
author Paul Eggert <eggert@cs.ucla.edu>
date Wed, 27 Apr 2016 12:10:54 -0700
parents 41c14c70d2f1
children 8b34efae5441
files ChangeLog lib/xstrtol.c tests/test-xstrtol.sh
diffstat 3 files changed, 32 insertions(+), 13 deletions(-) [+]
line wrap: on
line diff
--- a/ChangeLog	Thu Apr 21 12:20:58 2016 +0100
+++ b/ChangeLog	Wed Apr 27 12:10:54 2016 -0700
@@ -1,3 +1,11 @@
+2016-04-27  Paul Eggert  <eggert@cs.ucla.edu>
+
+	xstrtol: prohibit monstrosities like "1bB"
+	Problem reported by Young Mo Kang in: http://bugs.gnu.org/23388
+	* lib/xstrtol.c (__xstrtol): Allow trailing second suffixes like
+	"B" only if the first suffix needs a base.
+	* tests/test-xstrtol.sh: Test this.
+
 2016-04-21  Pádraig Brady  <P@draigBrady.com>
 
 	xstrtod: reinstate setting of *result upon ERANGE
--- a/lib/xstrtol.c	Thu Apr 21 12:20:58 2016 +0100
+++ b/lib/xstrtol.c	Wed Apr 27 12:10:54 2016 -0700
@@ -148,8 +148,11 @@
           return err | LONGINT_INVALID_SUFFIX_CHAR;
         }
 
-      if (strchr (valid_suffixes, '0'))
+      switch (**p)
         {
+        case 'E': case 'G': case 'g': case 'k': case 'K': case 'M': case 'm':
+        case 'P': case 'T': case 't': case 'Y': case 'Z':
+
           /* The "valid suffix" '0' is a special flag meaning that
              an optional second suffix is allowed, which can change
              the base.  A suffix "B" (e.g. "100MB") stands for a power
@@ -157,19 +160,20 @@
              a power of 1024.  If no suffix (e.g. "100M"), assume
              power-of-1024.  */
 
-          switch (p[0][1])
-            {
-            case 'i':
-              if (p[0][2] == 'B')
-                suffixes += 2;
-              break;
+          if (strchr (valid_suffixes, '0'))
+            switch (p[0][1])
+              {
+              case 'i':
+                if (p[0][2] == 'B')
+                  suffixes += 2;
+                break;
 
-            case 'B':
-            case 'D': /* 'D' is obsolescent */
-              base = 1000;
-              suffixes++;
-              break;
-            }
+              case 'B':
+              case 'D': /* 'D' is obsolescent */
+                base = 1000;
+                suffixes++;
+                break;
+              }
         }
 
       switch (**p)
@@ -179,6 +183,9 @@
           break;
 
         case 'B':
+          /* This obsolescent first suffix is distinct from the 'B'
+             second suffix above.  E.g., 'tar -L 1000B' means change
+             the tape after writing 1000 KiB of data.  */
           overflow = bkm_scale (&tmp, 1024);
           break;
 
--- a/tests/test-xstrtol.sh	Thu Apr 21 12:20:58 2016 +0100
+++ b/tests/test-xstrtol.sh	Wed Apr 27 12:10:54 2016 -0700
@@ -16,6 +16,7 @@
 test-xstrtol 010 >> out 2>&1 || result=1
 # suffix without integer is valid
 test-xstrtol MiB >> out 2>&1 || result=1
+test-xstrtol 1bB >> out 2>&1 && result=1
 
 # test xstrtoul
 test-xstrtoul 1 >> out 2>&1 || result=1
@@ -27,6 +28,7 @@
 test-xstrtoul 9x >> out 2>&1 && result=1
 test-xstrtoul 010 >> out 2>&1 || result=1
 test-xstrtoul MiB >> out 2>&1 || result=1
+test-xstrtoul 1bB >> out 2>&1 && result=1
 
 # Find out how to remove carriage returns from output. Solaris /usr/ucb/tr
 # does not understand '\r'.
@@ -51,6 +53,7 @@
 invalid suffix in X argument '9x'
 010->8 ()
 MiB->1048576 ()
+invalid suffix in X argument '1bB'
 1->1 ()
 invalid X argument '-1'
 1k->1024 ()
@@ -60,6 +63,7 @@
 invalid suffix in X argument '9x'
 010->8 ()
 MiB->1048576 ()
+invalid suffix in X argument '1bB'
 EOF
 
 compare expected out || result=1